Nearly Two-Thirds of U.S. Federal IT Leaders See Identity Management as Critical to Cybersecurity - Unisys Survey
Yet only 20 percent or fewer say their agencies' identity management systems are fully automated or leverage biometrics
RESTON, Va., January 31, 2018 – About two-thirds (64 percent) of U.S. federal government IT leaders view identity management solutions as a "very important" way to address the growing cybersecurity threats to their agencies, according to a new Digital Trust survey sponsored by Unisys Corporation (NYSE: UIS).
At the same time, while nearly all survey respondents said their agencies used identity management systems to some degree, only 16 percent said those systems were fully automated and integrated. In addition, only 20 percent are using biometrics as a means to discern identity, and only 40 percent are using "principle of least privilege," or the practice of limiting user access rights to the bare minimum needed to perform their job functions.
Identity management is a way of protecting the identities of users who are authorized to access data, systems or facilities, with far-reaching implications for critical needs like passports, visas, national IDs and border control – just to name a few. Users can authenticate their identities with something they carry, such as a chip-enabled ID card or a smartphone; with something they remember such as a PIN or password; using biometrics such as fingerprints or facial images; and/or using their location as determined by GPS.
The survey also found that many respondents view budget limitations as a hurdle to fielding identity management systems, with 70 percent viewing this as a significant or moderate challenge. Other challenges cited by respondents included lack of skilled staff and lack of an adequate IT infrastructure able to support these systems, with 60 percent and 59 percent citing these as significant or moderate challenges, respectively.
"This survey shows that the overwhelming majority of federal IT leaders understand the value of identity management technology and the role it can play in helping them to address the growing security threats their agencies face," said Venkatapathi "PV" Puvvada, president of Unisys Federal. "But it also illustrates the need for agencies to take additional steps to address challenges related to budgets, support staff and infrastructure. There also remains a huge opportunity for agencies to improve their security by fully automating their identity management systems and implementing biometrics-based solutions."
Conducted by research company Market Connections, the survey queried 200 U.S. federal government IT leaders on their attitudes toward a wide range of security-related issues. Unisys will address the survey results at the Federal Digital Trust Symposium today in Washington, D.C., including discussing its view on why identity management is the future of secure access in government.
Other findings from the survey include:
- Nearly three-quarters of respondents (71 percent) said they expected cybersecurity threats to increase this year.
- Opinion is mixed regarding the extent to which the security posture at respondents' agencies had changed in the past 12 months. Thirty-four percent report their agency's security posture is more secure, 25 percent state their posture is more vulnerable and 41 percent indicate their posture has not changed from the previous year.
- The top three security concerns over the past year cited by respondents were external threats (cited by 56 percent), mobile device use (cited by 54 percent) and vulnerability patching (cited by 44 percent).
- The most commonly used security tools at respondents' agencies were smart card or common access cards (cited by 78 percent of respondents), endpoint security software (cited by 60 percent) and configuration management software (cited by 58 percent).
Unisys is a global information technology company that specializes in providing industry-focused solutions integrated with leading-edge security to clients in the government, financial services and commercial markets. Unisys offerings include security solutions, advanced data analytics, cloud and infrastructure services, application services and application and server software. For more information, visit www.unisys.com.
RELEASE NO.: 0131/9565
Unisys and other Unisys products and services mentioned herein, as well as their respective logos, are trademarks or registered trademarks of Unisys Corporation. Any other brand or product referenced herein is acknowledged to be a trademark or registered trademark of its respective holder.
Heather Linville, Hill+Knowlton Strategies for Unisys, 415-238-6783